Test Setup/Execution

In addition to traffic generation, Skaion has helped prepare ranges for testing and ensured they performed as expected. Tasks included:

Custom modifications to QEMU to allow data collection outside the view of the system under test

Range/Test control software ensuring the correct, properly configured VMs were running prior to each test case, along with automating data collection after each case

Network validation tools

Windows network setup/administration

Linux network setup/administration

Custom data collection and analysis tools

Red Team/Malicious

Many tests need specific test vectors. Skaion has provided these for several projects, developing novel malicious code to test 0-day infections with desired properties. Often the exploits attack manufactured vulnerabilities to prevent the malware from running in the wild.

Additionally, a critique of some data sets noted that malicious traffic is too easily identified when no other nefarious traffic exists in the data. To address that concern, Skaion provides automated scans and "ankle biters" whose attacks should not succeed, but which build richer traffic for the test.

A Skaion Traffic Generator powers the live demo at FlowTraq and 2 of our data sets are available in PREDICT